Lucene search
K

20 matches found

NVD
NVD
added 2026/04/21 8:16 p.m.5 views

CVE-2026-33812

Parsing a malicious font file can cause excessive memory allocation...

6.1CVSS0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-1452

Malware in sbrugna...

9.3CVSS6.2AI score0.04036EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-3718

Malware in sbrugna...

6.8CVSS5.8AI score0.02866EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-17677

Malware in sbrugna...

7.8CVSS7.4AI score0.01336EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8415

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.05614EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31642

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00227EPSS
Exploits0References1
Prion
Prion
added 2024/01/10 10:15 p.m.25 views

Input validation

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4. Processing a font file may lead to arbitrary code execution...

4.4CVSS7.1AI score0.0021EPSS
Exploits0References5Affected Software3
Vulnrichment
Vulnrichment
added 2023/06/06 4:39 p.m.7 views

CVE-2023-27916

The affected application lacks proper validation of user-supplied data when parsing font files e.g., FNT. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process...

7.8CVSS7.6AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2022/03/18 6:15 p.m.14 views

CVE-2022-24091

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

9.3CVSS0.03844EPSS
Exploits0References1
OSV
OSV
added 2022/02/17 2:15 p.m.12 views

UBUNTU-CVE-2022-23319

A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...

5.5CVSS5.8AI score0.00661EPSS
Exploits1References3
NVD
NVD
added 2021/09/08 2:15 p.m.16 views

CVE-2021-30789

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution...

7.8CVSS0.01248EPSS
Exploits0References5
NVD
NVD
added 2021/09/08 2:15 p.m.15 views

CVE-2021-30760

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution...

7.8CVSS0.01336EPSS
Exploits0References6
Apple
Apple
added 2017/09/19 12:0 a.m.64 views

About the security content of iOS 11

About the security content of iOS 11 This document describes the security content of iOS 11. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...

10CVSS0.5AI score0.23694EPSS
Exploits39References1Affected Software1
NVD
NVD
added 2015/07/03 1:59 a.m.24 views

CVE-2015-3681

Apple Type Services ATS in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682...

6.8CVSS7.4AI score0.02866EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/07/03 1:0 a.m.20 views

CVE-2015-3681

Apple Type Services ATS in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682...

5.2AI score0.02866EPSS
Exploits0References4
CNVD
CNVD
added 2015/07/02 12:0 a.m.2 views

Apple MAC OS X Font File Handling Processing Arbitrary Code Execution Vulnerability (CNVD-2015-04267)

Apple Mac OS X is a commercial operating system. An arbitrary code execution vulnerability exists in Apple Mac OS X's handling of specially crafted font files, which allows an attacker to construct a malicious file that can be parsed by a user to execute arbitrary code...

6.8CVSS8AI score0.02866EPSS
Exploits0References1
OSV
OSV
added 2014/05/15 2:55 p.m.4 views

CVE-2014-0209

Multiple integer overflows in the 1 FontFileAddEntry and 2 lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffe...

6.4AI score
Exploits0References13
Debian CVE
Debian CVE
added 2012/06/16 12:0 a.m.31 views

CVE-2011-3193

Heap-based buffer overflow in the LookupMarkMarkPos function in the HarfBuzz module harfbuzz-gpos.c, as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

9.3CVSS7.6AI score0.07543EPSS
Exploits0
OSV
OSV
added 2011/01/07 11:0 p.m.18 views

CVE-2010-3311

Integer overflow in base/ftstream.c in libXft aka the X FreeType library in FreeType before 2.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Compact Font Format CFF font file that triggers a heap-based buffer overflow,...

8AI score
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.22 views

Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerability (USN-324-1)

An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Note that Tenable Network Security has extracted the preceding...

7.5CVSS6AI score0.04304EPSS
Exploits0References2
Rows per page
Query Builder